hi, i extracted from doc/tuning_guide that its good to have users in mysql but keep a default entry in users file. users file: ------------------------------------------------------------ DEFAULT Auth-Type := Accept Framed-IP-Address := 255.255.255.254, Framed-Protocol := PPP, Service-Type := Framed-User, Reply-Message := default-profile ------------------------------------------------------------ when im doing this every request is handled by the default, whether if the user exist in mysql or not. every authentication is accepted and all reply items are taken from the default entry. the rlm_sql module is saying: rlm_sql (sql): User not found
when im doing the mysql query manually in the same way as the debug output of radiusd -X is saying it, then the user is found. furthermore i deleted the default entry in the user file and put it the mysql as radgroupreply and radgroupcheck items. now a request for a existing user is correctly handled, if it exists and the password is wrong the request is rejected, if the user exist and the password is correct the reply items of the users are used, and if the user doesnt exist the default entry above in the mysql are used. i think its better to use default entry in the user file maybe for faster finding and put all user specifiy entries in mysql like described in tuning_guide. could someone say where is the problem with the above setup, why is the user found, when the default entry is in the mysql but could not found if the default entry is in the user file? is this generally a good idea what i want to do or did i missunderstood something? :) thanks in advance, christian - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html